EN
Request a demo
EN
Products
Pricing
Company
Resources
Events
Request a demo
See all integrations

SentinelOne

3 Analyzers
1 Responder
GitHub

Analyzers (3)

SentinelOne DNSReverseLookup v1.0

Query SentinelOne for DNS names that resolved to a given IP address. Returns the domains and the hosts that made the DNS queries. Supports both SDL (Security Data Lake) API and legacy Deep Visibility API.

  • Author: Fabien Bloume, StrangeBee
  • License: AGPL-V3
  • Data Types: ip

SentinelOne DeepVisibility DNSQuery v1.0

Query Sentinel One Deep Visibility API v2.1 for hosts that have requested DNS lookups for a domain/URL/FQDN.

  • Author: Joe Vasquez
  • License: AGPL-V3
  • Data Types: url, domain, fqdn

SentinelOne DNSQuery v2.0

Query SentinelOne for hosts that have requested DNS lookups for a domain/URL/FQDN. Supports both new SDL (Security Data Lake) API and legacy Deep Visibility API v2.1.

  • Author: Joe Vasquez; Fabien Bloume, StrangeBee
  • License: AGPL-V3
  • Data Types: url, domain, fqdn

Responders (1)

SentinelOne Hash Blacklister v1.0

Add SHA1 hash to SentinelOne Blacklist via API v2.1.

  • Author: Joe Vasquez
  • License: AGPL-V3
  • Data Types: thehive:case_artifact
CrowdStrike Falcon
Splunk
VirusTotal
Microsoft Defender for Endpoint
Microsoft Entra ID
MISP
Google Threat Intelligence
Recorded Future
Microsoft Defender for Office 365
Proofpoint
Shodan
Slack
AbuseIPDB
Cloudflare
URLScan.io
URLhaus
ONYPHE
YARA
CAPA
Telegram
Airtable
AnyRun
Autofocus
AWSLambda
AWX
Axur
BackscatterIO
BinalyzeAIR
Censys
CERTatPassiveDNS
ChainAbuse
CheckPhish
CheckPoint
CiscoUmbrella
CISMCAP
ClamAV
Cluster25
ClusterHawk
Crtsh
CuckooSandbox
CyberChef
Cyberprotect
Cylance
DNS-RPZ
DNSDB
DNSdumpster
DNSLookingglass
DNSSinkhole
DomainTools
DShield
Duo Security
EchoTrail
EclecticIQ
EmergingThreats
EmlParser
FileInfo
FireHOLBlocklists
FoxIO
Gatewatcher CTI
Gmail
GoogleDNS
GRR
HarfangLab
Hashdd
Inoitsu
IntezerCommunity
Investigate
IP-API
IPVoid
isMalicious
IVRE
JAMFProtect
JIRA
Jupyter
KnowBe4
LdapQuery
Lookyloo
LupovisProwl
Mailer
MailIncidentStatus
Malpedia
MalwareClustering
Malwares
MetaDefender
MsgParser
NERD
Nessus
Netcraft
NSRL
Okta
ONYPHEActiveScan
OpenCTI
OrionMalware
PassiveTotal
Patrowl
PhishingInitiative
Pulsedive
QrDecode
Redmine
Robtex
RT4
SecurityTrails
SendGrid
SinkDB
SophosIntelix
SpamAssassin
SpamhausDBL
StamusNetworks
StopForumSpam
ThreatGrid
ThreatMiner
ThreatResponse
Thunderstorm
TorBlutmagie
TorProject
Triage
UnshortenLink
urlDNA.io
Valhalla
ValidateObservable
Verifalia
VMRay
Vulners
Watcher
Wazuh
WOT
Yeti
ZEROFOX
Zscaler
Abuse Finder
AIL Onion-Lookup
AlienVault OTX
CIRCL Hash Lookup
CIRCL Passive DNS
CIRCL Passive SSL
CIRCL Vulnerability-Lookup
Cisco Secure Endpoint (Formerly AMP for Endpoints)
CrowdSec
Domain Mail SPF DMARC
DomainTools Iris
Elasticsearch
EmailRep
FireEye iSIGHT
Forcepoint WebsensePing
Google Safe Browsing
Google Vision API
GreyNoise
Have I Been Pwned
Hunter.io
Hybrid Analysis
IBM QRadar
IBM X-Force
IPinfo
Joe Sandbox
Kaspersky TIP
Maltiverse
MalwareBazaar
Malware Hash Registry (MHR)
MaxMind
MISP Warning Lists
Mnemonic Passive DNS
n8n
PAN Cortex XDR
PAN Cortex XSOAR
PAN Next Generation Firewall
PAN WildFire
PhishTank
Rapid7 InsightConnect
SEKOIA Intelligence Center
Shuffle
ThreatConnect
Tines
Velociraptor
VirusShare
Back to all integrations
See how TheHive can help your team
Thousands of analysts worldwide rely on our platform to manage security incidents more efficiently than ever.
See what the buzz is about:
Request a demo